package com.qingzhuge.manager.controller;

import com.qingzhuge.controller.base.AbstractController;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.security.web.csrf.CsrfToken;
import org.springframework.security.web.csrf.CsrfTokenRepository;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @author : zero.xiao
 * @date :2019-09-29 22:08
 * @description :
 * @modified :
 * @since : 1.0.0
 */
@Api(tags = "S CSRF")
@RestController
@RequestMapping
public class SysCsrfTokenController extends AbstractController {
    private final CsrfTokenRepository csrfTokenRepository;

    public SysCsrfTokenController(CsrfTokenRepository csrfTokenRepository) {
        this.csrfTokenRepository = csrfTokenRepository;
    }

    @ApiOperation(value = "获取csrf token")
    @GetMapping("csrf")
    public String csrfToken(){
        CsrfToken csrfToken = csrfTokenRepository.loadToken(request);
        if (null == csrfToken){
            csrfToken = csrfTokenRepository.generateToken(request);
            csrfTokenRepository.saveToken(csrfToken,request,response);
        }
        return csrfToken.getToken();
    }


}
